summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp/evp.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/evp/evp.h')
-rw-r--r--src/lib/libcrypto/evp/evp.h98
1 files changed, 88 insertions, 10 deletions
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index da93e945f5..aa9616e11b 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -83,7 +83,7 @@
83#define EVP_RC5_32_12_16_KEY_SIZE 16 83#define EVP_RC5_32_12_16_KEY_SIZE 16
84*/ 84*/
85#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */ 85#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */
86#define EVP_MAX_KEY_LENGTH 32 86#define EVP_MAX_KEY_LENGTH 64
87#define EVP_MAX_IV_LENGTH 16 87#define EVP_MAX_IV_LENGTH 16
88#define EVP_MAX_BLOCK_LENGTH 32 88#define EVP_MAX_BLOCK_LENGTH 32
89 89
@@ -116,6 +116,7 @@
116#define EVP_PKEY_DH NID_dhKeyAgreement 116#define EVP_PKEY_DH NID_dhKeyAgreement
117#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey 117#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
118#define EVP_PKEY_HMAC NID_hmac 118#define EVP_PKEY_HMAC NID_hmac
119#define EVP_PKEY_CMAC NID_cmac
119 120
120#ifdef __cplusplus 121#ifdef __cplusplus
121extern "C" { 122extern "C" {
@@ -216,6 +217,8 @@ typedef int evp_verify_method(int type,const unsigned char *m,
216 217
217#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018 218#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
218 219
220#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
221
219/* Digest ctrls */ 222/* Digest ctrls */
220 223
221#define EVP_MD_CTRL_DIGALGID 0x1 224#define EVP_MD_CTRL_DIGALGID 0x1
@@ -325,6 +328,10 @@ struct evp_cipher_st
325#define EVP_CIPH_CBC_MODE 0x2 328#define EVP_CIPH_CBC_MODE 0x2
326#define EVP_CIPH_CFB_MODE 0x3 329#define EVP_CIPH_CFB_MODE 0x3
327#define EVP_CIPH_OFB_MODE 0x4 330#define EVP_CIPH_OFB_MODE 0x4
331#define EVP_CIPH_CTR_MODE 0x5
332#define EVP_CIPH_GCM_MODE 0x6
333#define EVP_CIPH_CCM_MODE 0x7
334#define EVP_CIPH_XTS_MODE 0x10001
328#define EVP_CIPH_MODE 0xF0007 335#define EVP_CIPH_MODE 0xF0007
329/* Set if variable length cipher */ 336/* Set if variable length cipher */
330#define EVP_CIPH_VARIABLE_LENGTH 0x8 337#define EVP_CIPH_VARIABLE_LENGTH 0x8
@@ -346,6 +353,15 @@ struct evp_cipher_st
346#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000 353#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
347/* Buffer length in bits not bytes: CFB1 mode only */ 354/* Buffer length in bits not bytes: CFB1 mode only */
348#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000 355#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
356/* Note if suitable for use in FIPS mode */
357#define EVP_CIPH_FLAG_FIPS 0x4000
358/* Allow non FIPS cipher in FIPS mode */
359#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
360/* Cipher handles any and all padding logic as well
361 * as finalisation.
362 */
363#define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
364#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
349 365
350/* ctrl() values */ 366/* ctrl() values */
351 367
@@ -358,7 +374,36 @@ struct evp_cipher_st
358#define EVP_CTRL_RAND_KEY 0x6 374#define EVP_CTRL_RAND_KEY 0x6
359#define EVP_CTRL_PBE_PRF_NID 0x7 375#define EVP_CTRL_PBE_PRF_NID 0x7
360#define EVP_CTRL_COPY 0x8 376#define EVP_CTRL_COPY 0x8
361#define EVP_CTRL_SET_ACSS_MODE 0x9 377#define EVP_CTRL_GCM_SET_IVLEN 0x9
378#define EVP_CTRL_GCM_GET_TAG 0x10
379#define EVP_CTRL_GCM_SET_TAG 0x11
380#define EVP_CTRL_GCM_SET_IV_FIXED 0x12
381#define EVP_CTRL_GCM_IV_GEN 0x13
382#define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
383#define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG
384#define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG
385#define EVP_CTRL_CCM_SET_L 0x14
386#define EVP_CTRL_CCM_SET_MSGLEN 0x15
387/* AEAD cipher deduces payload length and returns number of bytes
388 * required to store MAC and eventual padding. Subsequent call to
389 * EVP_Cipher even appends/verifies MAC.
390 */
391#define EVP_CTRL_AEAD_TLS1_AAD 0x16
392/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
393#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
394/* Set the GCM invocation field, decrypt only */
395#define EVP_CTRL_GCM_SET_IV_INV 0x18
396
397/* OpenBSD extension */
398#define EVP_CTRL_SET_ACSS_MODE 0x80
399
400/* GCM TLS constants */
401/* Length of fixed part of IV derived from PRF */
402#define EVP_GCM_TLS_FIXED_IV_LEN 4
403/* Length of explicit part of IV part of TLS records */
404#define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
405/* Length of tag for TLS */
406#define EVP_GCM_TLS_TAG_LEN 16
362 407
363typedef struct evp_cipher_info_st 408typedef struct evp_cipher_info_st
364 { 409 {
@@ -376,7 +421,7 @@ struct evp_cipher_ctx_st
376 unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ 421 unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
377 unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ 422 unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
378 unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */ 423 unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
379 int num; /* used by cfb/ofb mode */ 424 int num; /* used by cfb/ofb/ctr mode */
380 425
381 void *app_data; /* application stuff */ 426 void *app_data; /* application stuff */
382 int key_len; /* May change for variable length cipher */ 427 int key_len; /* May change for variable length cipher */
@@ -696,6 +741,9 @@ const EVP_MD *EVP_dev_crypto_md5(void);
696#ifndef OPENSSL_NO_RC4 741#ifndef OPENSSL_NO_RC4
697const EVP_CIPHER *EVP_rc4(void); 742const EVP_CIPHER *EVP_rc4(void);
698const EVP_CIPHER *EVP_rc4_40(void); 743const EVP_CIPHER *EVP_rc4_40(void);
744#ifndef OPENSSL_NO_MD5
745const EVP_CIPHER *EVP_rc4_hmac_md5(void);
746#endif
699#endif 747#endif
700#ifndef OPENSSL_NO_IDEA 748#ifndef OPENSSL_NO_IDEA
701const EVP_CIPHER *EVP_idea_ecb(void); 749const EVP_CIPHER *EVP_idea_ecb(void);
@@ -742,9 +790,10 @@ const EVP_CIPHER *EVP_aes_128_cfb8(void);
742const EVP_CIPHER *EVP_aes_128_cfb128(void); 790const EVP_CIPHER *EVP_aes_128_cfb128(void);
743# define EVP_aes_128_cfb EVP_aes_128_cfb128 791# define EVP_aes_128_cfb EVP_aes_128_cfb128
744const EVP_CIPHER *EVP_aes_128_ofb(void); 792const EVP_CIPHER *EVP_aes_128_ofb(void);
745#if 0
746const EVP_CIPHER *EVP_aes_128_ctr(void); 793const EVP_CIPHER *EVP_aes_128_ctr(void);
747#endif 794const EVP_CIPHER *EVP_aes_128_gcm(void);
795const EVP_CIPHER *EVP_aes_128_ccm(void);
796const EVP_CIPHER *EVP_aes_128_xts(void);
748const EVP_CIPHER *EVP_aes_192_ecb(void); 797const EVP_CIPHER *EVP_aes_192_ecb(void);
749const EVP_CIPHER *EVP_aes_192_cbc(void); 798const EVP_CIPHER *EVP_aes_192_cbc(void);
750const EVP_CIPHER *EVP_aes_192_cfb1(void); 799const EVP_CIPHER *EVP_aes_192_cfb1(void);
@@ -752,9 +801,9 @@ const EVP_CIPHER *EVP_aes_192_cfb8(void);
752const EVP_CIPHER *EVP_aes_192_cfb128(void); 801const EVP_CIPHER *EVP_aes_192_cfb128(void);
753# define EVP_aes_192_cfb EVP_aes_192_cfb128 802# define EVP_aes_192_cfb EVP_aes_192_cfb128
754const EVP_CIPHER *EVP_aes_192_ofb(void); 803const EVP_CIPHER *EVP_aes_192_ofb(void);
755#if 0
756const EVP_CIPHER *EVP_aes_192_ctr(void); 804const EVP_CIPHER *EVP_aes_192_ctr(void);
757#endif 805const EVP_CIPHER *EVP_aes_192_gcm(void);
806const EVP_CIPHER *EVP_aes_192_ccm(void);
758const EVP_CIPHER *EVP_aes_256_ecb(void); 807const EVP_CIPHER *EVP_aes_256_ecb(void);
759const EVP_CIPHER *EVP_aes_256_cbc(void); 808const EVP_CIPHER *EVP_aes_256_cbc(void);
760const EVP_CIPHER *EVP_aes_256_cfb1(void); 809const EVP_CIPHER *EVP_aes_256_cfb1(void);
@@ -762,8 +811,13 @@ const EVP_CIPHER *EVP_aes_256_cfb8(void);
762const EVP_CIPHER *EVP_aes_256_cfb128(void); 811const EVP_CIPHER *EVP_aes_256_cfb128(void);
763# define EVP_aes_256_cfb EVP_aes_256_cfb128 812# define EVP_aes_256_cfb EVP_aes_256_cfb128
764const EVP_CIPHER *EVP_aes_256_ofb(void); 813const EVP_CIPHER *EVP_aes_256_ofb(void);
765#if 0
766const EVP_CIPHER *EVP_aes_256_ctr(void); 814const EVP_CIPHER *EVP_aes_256_ctr(void);
815const EVP_CIPHER *EVP_aes_256_gcm(void);
816const EVP_CIPHER *EVP_aes_256_ccm(void);
817const EVP_CIPHER *EVP_aes_256_xts(void);
818#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
819const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
820const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
767#endif 821#endif
768#endif 822#endif
769#ifndef OPENSSL_NO_ACSS 823#ifndef OPENSSL_NO_ACSS
@@ -1051,13 +1105,22 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
1051#define EVP_PKEY_CTRL_CMS_DECRYPT 10 1105#define EVP_PKEY_CTRL_CMS_DECRYPT 10
1052#define EVP_PKEY_CTRL_CMS_SIGN 11 1106#define EVP_PKEY_CTRL_CMS_SIGN 11
1053 1107
1108#define EVP_PKEY_CTRL_CIPHER 12
1109
1054#define EVP_PKEY_ALG_CTRL 0x1000 1110#define EVP_PKEY_ALG_CTRL 0x1000
1055 1111
1056 1112
1057#define EVP_PKEY_FLAG_AUTOARGLEN 2 1113#define EVP_PKEY_FLAG_AUTOARGLEN 2
1114/* Method handles all operations: don't assume any digest related
1115 * defaults.
1116 */
1117#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
1058 1118
1059const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); 1119const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
1060EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags); 1120EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags);
1121void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
1122 const EVP_PKEY_METHOD *meth);
1123void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
1061void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth); 1124void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
1062int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth); 1125int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
1063 1126
@@ -1075,7 +1138,7 @@ int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
1075void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen); 1138void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
1076 1139
1077EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, 1140EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
1078 unsigned char *key, int keylen); 1141 const unsigned char *key, int keylen);
1079 1142
1080void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data); 1143void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
1081void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx); 1144void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
@@ -1194,9 +1257,13 @@ void ERR_load_EVP_strings(void);
1194/* Error codes for the EVP functions. */ 1257/* Error codes for the EVP functions. */
1195 1258
1196/* Function codes. */ 1259/* Function codes. */
1197#define EVP_F_AESNI_INIT_KEY 165 1260#define EVP_F_AESNI_INIT_KEY 165
1261#define EVP_F_AESNI_XTS_CIPHER 176
1198#define EVP_F_AES_INIT_KEY 133 1262#define EVP_F_AES_INIT_KEY 133
1263#define EVP_F_AES_XTS 172
1264#define EVP_F_AES_XTS_CIPHER 175
1199#define EVP_F_CAMELLIA_INIT_KEY 159 1265#define EVP_F_CAMELLIA_INIT_KEY 159
1266#define EVP_F_CMAC_INIT 173
1200#define EVP_F_D2I_PKEY 100 1267#define EVP_F_D2I_PKEY 100
1201#define EVP_F_DO_SIGVER_INIT 161 1268#define EVP_F_DO_SIGVER_INIT 161
1202#define EVP_F_DSAPKEY2PKCS8 134 1269#define EVP_F_DSAPKEY2PKCS8 134
@@ -1251,15 +1318,24 @@ void ERR_load_EVP_strings(void);
1251#define EVP_F_EVP_RIJNDAEL 126 1318#define EVP_F_EVP_RIJNDAEL 126
1252#define EVP_F_EVP_SIGNFINAL 107 1319#define EVP_F_EVP_SIGNFINAL 107
1253#define EVP_F_EVP_VERIFYFINAL 108 1320#define EVP_F_EVP_VERIFYFINAL 108
1321#define EVP_F_FIPS_CIPHERINIT 166
1322#define EVP_F_FIPS_CIPHER_CTX_COPY 170
1323#define EVP_F_FIPS_CIPHER_CTX_CTRL 167
1324#define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
1325#define EVP_F_FIPS_DIGESTINIT 168
1326#define EVP_F_FIPS_MD_CTX_COPY 169
1327#define EVP_F_HMAC_INIT_EX 174
1254#define EVP_F_INT_CTX_NEW 157 1328#define EVP_F_INT_CTX_NEW 157
1255#define EVP_F_PKCS5_PBE_KEYIVGEN 117 1329#define EVP_F_PKCS5_PBE_KEYIVGEN 117
1256#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 1330#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
1331#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
1257#define EVP_F_PKCS8_SET_BROKEN 112 1332#define EVP_F_PKCS8_SET_BROKEN 112
1258#define EVP_F_PKEY_SET_TYPE 158 1333#define EVP_F_PKEY_SET_TYPE 158
1259#define EVP_F_RC2_MAGIC_TO_METH 109 1334#define EVP_F_RC2_MAGIC_TO_METH 109
1260#define EVP_F_RC5_CTRL 125 1335#define EVP_F_RC5_CTRL 125
1261 1336
1262/* Reason codes. */ 1337/* Reason codes. */
1338#define EVP_R_AES_IV_SETUP_FAILED 162
1263#define EVP_R_AES_KEY_SETUP_FAILED 143 1339#define EVP_R_AES_KEY_SETUP_FAILED 143
1264#define EVP_R_ASN1_LIB 140 1340#define EVP_R_ASN1_LIB 140
1265#define EVP_R_BAD_BLOCK_LENGTH 136 1341#define EVP_R_BAD_BLOCK_LENGTH 136
@@ -1277,6 +1353,7 @@ void ERR_load_EVP_strings(void);
1277#define EVP_R_DECODE_ERROR 114 1353#define EVP_R_DECODE_ERROR 114
1278#define EVP_R_DIFFERENT_KEY_TYPES 101 1354#define EVP_R_DIFFERENT_KEY_TYPES 101
1279#define EVP_R_DIFFERENT_PARAMETERS 153 1355#define EVP_R_DIFFERENT_PARAMETERS 153
1356#define EVP_R_DISABLED_FOR_FIPS 163
1280#define EVP_R_ENCODE_ERROR 115 1357#define EVP_R_ENCODE_ERROR 115
1281#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 1358#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
1282#define EVP_R_EXPECTING_AN_RSA_KEY 127 1359#define EVP_R_EXPECTING_AN_RSA_KEY 127
@@ -1308,6 +1385,7 @@ void ERR_load_EVP_strings(void);
1308#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 1385#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
1309#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 1386#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
1310#define EVP_R_PUBLIC_KEY_NOT_RSA 106 1387#define EVP_R_PUBLIC_KEY_NOT_RSA 106
1388#define EVP_R_TOO_LARGE 164
1311#define EVP_R_UNKNOWN_CIPHER 160 1389#define EVP_R_UNKNOWN_CIPHER 160
1312#define EVP_R_UNKNOWN_DIGEST 161 1390#define EVP_R_UNKNOWN_DIGEST 161
1313#define EVP_R_UNKNOWN_PBE_ALGORITHM 121 1391#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 10:29:56 +0000